From 5f1bf0541839389deb489e6bd60fb8784af836e1 Mon Sep 17 00:00:00 2001 From: Andrew Kroh Date: Tue, 16 Feb 2021 21:37:38 -0500 Subject: [PATCH] Add Zeek Signatures (#23772) (#24078) Add the Signature fileset to the Zeek module for Filbeat. Co-authored-by: Andrew Kroh (cherry picked from commit e332d9d27786ef8b301144ae3c87139c773aa812) Co-authored-by: Alex Resnick --- CHANGELOG.next.asciidoc | 1 + filebeat/docs/fields.asciidoc | 67 ++++++++++++++ x-pack/filebeat/filebeat.reference.yml | 4 +- x-pack/filebeat/module/zeek/_meta/config.yml | 4 +- x-pack/filebeat/module/zeek/fields.go | 2 +- .../module/zeek/signature/_meta/fields.yml | 35 ++++++++ .../zeek/signature/config/signature.yml | 50 +++++++++++ .../module/zeek/signature/ingest/pipeline.yml | 89 +++++++++++++++++++ .../module/zeek/signature/manifest.yml | 19 ++++ .../zeek/signature/test/signature-json.log | 1 + .../test/signature-json.log-expected.json | 48 ++++++++++ x-pack/filebeat/modules.d/zeek.yml.disabled | 4 +- 12 files changed, 320 insertions(+), 4 deletions(-) create mode 100644 x-pack/filebeat/module/zeek/signature/_meta/fields.yml create mode 100644 x-pack/filebeat/module/zeek/signature/config/signature.yml create mode 100644 x-pack/filebeat/module/zeek/signature/ingest/pipeline.yml create mode 100644 x-pack/filebeat/module/zeek/signature/manifest.yml create mode 100644 x-pack/filebeat/module/zeek/signature/test/signature-json.log create mode 100644 x-pack/filebeat/module/zeek/signature/test/signature-json.log-expected.json diff --git a/CHANGELOG.next.asciidoc b/CHANGELOG.next.asciidoc index f92c028fa67..a091b7f1eb4 100644 --- a/CHANGELOG.next.asciidoc +++ b/CHANGELOG.next.asciidoc @@ -544,6 +544,7 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d - Move aws-s3 input to GA. {pull}23631[23631] - Populate `source.mac` and `destination.mac` for Suricata EVE events. {issue}23706[23706] {pull}23721[23721] - Added string splitting for httpjson input {pull}24022[24022] +- Added Signatures fileset to Zeek module {pull}23772[23772] *Heartbeat* diff --git a/filebeat/docs/fields.asciidoc b/filebeat/docs/fields.asciidoc index daa06159476..5654b0df490 100644 --- a/filebeat/docs/fields.asciidoc +++ b/filebeat/docs/fields.asciidoc @@ -153290,6 +153290,73 @@ type: integer Height of the screen that is being shared. +type: integer + +-- + +[float] +=== signature + +Fields exported by the Zeek Signature log. + + + +*`zeek.signature.note`*:: ++ +-- +Notice associated with signature event. + + +type: keyword + +-- + +*`zeek.signature.sig_id`*:: ++ +-- +The name of the signature that matched. + + +type: keyword + +-- + +*`zeek.signature.event_msg`*:: ++ +-- +A more descriptive message of the signature-matching event. + + +type: keyword + +-- + +*`zeek.signature.sub_msg`*:: ++ +-- +Extracted payload data or extra message. + + +type: keyword + +-- + +*`zeek.signature.sig_count`*:: ++ +-- +Number of sigs, usually from summary count. + + +type: integer + +-- + +*`zeek.signature.host_count`*:: ++ +-- +Number of hosts, from a summary count. + + type: integer -- diff --git a/x-pack/filebeat/filebeat.reference.yml b/x-pack/filebeat/filebeat.reference.yml index bf4b84bc4e9..9e1d9337849 100644 --- a/x-pack/filebeat/filebeat.reference.yml +++ b/x-pack/filebeat/filebeat.reference.yml @@ -2138,7 +2138,7 @@ filebeat.modules: http: enabled: true intel: - enabled: true + enabled: true irc: enabled: true kerberos: @@ -2161,6 +2161,8 @@ filebeat.modules: enabled: true rfb: enabled: true + signature: + enabled: true sip: enabled: true smb_cmd: diff --git a/x-pack/filebeat/module/zeek/_meta/config.yml b/x-pack/filebeat/module/zeek/_meta/config.yml index 3be38969bb4..cc4572f6874 100644 --- a/x-pack/filebeat/module/zeek/_meta/config.yml +++ b/x-pack/filebeat/module/zeek/_meta/config.yml @@ -20,7 +20,7 @@ http: enabled: true intel: - enabled: true + enabled: true irc: enabled: true kerberos: @@ -43,6 +43,8 @@ enabled: true rfb: enabled: true + signature: + enabled: true sip: enabled: true smb_cmd: diff --git a/x-pack/filebeat/module/zeek/fields.go b/x-pack/filebeat/module/zeek/fields.go index 8154c14a542..d048c716bf6 100644 --- a/x-pack/filebeat/module/zeek/fields.go +++ b/x-pack/filebeat/module/zeek/fields.go @@ -19,5 +19,5 @@ func init() { // AssetZeek returns asset data. // This is the base64 encoded gzipped contents of module/zeek. func AssetZeek() string { - return "eJzsvW1vIze2J/5+PgUx+APdAdruSe7N/PcG2Ltw7O7ESNvx2M7M3X0jUFVHEsdVZIVkWVZwP/yCh2Q9qKpUVImSu3vHwGS62xL549Ph4Xn4nTPyBJsfyB8AT38iRDOdwQ/k/9i/paASyQrNBP+B/OefCCHkRqRlBmQhJFlRnmaML0kmlooUUqRlAimZb/Dr73+U4k+ELBhkqfoBv3tGOM2h6sv86E0BP5ClFGXh/qWnT/PzEdshCynyqnnbMV1okIQLmdOM/UHNF923mn03+1egFBN8xtLqVx7JE2zWQjb/fQCP+bkgJWe/l0BYClyzBQNJxILoFfguOl0ntNClhFkmlOp03pyGka7ddMBLIaS2k266NTPT6sNMUeOL2zPShKbVLIVM09YvPTTGNSxBbv2uBfC/t35JyOMKiGY5kBQyuiFz0GsATvSKKZIDVaWEHLgmlKeIPqNKn1et9IIsoANiaOECAF5z7BeeDQq9ouY/IIFQCSQvM82KDIjZaIwrTXkCOJ9Ls+e1sOtMcyArofQ7O6yUKc34smRqBYoATVYImayZXhGmFWE8Zc8sLWmGIxoZ7pIWKt563Jb53G7RnCkFKbm4/MUdKTOWQsIzE2V7bUxH8plmI0Bp8hQR6KPQZn4quIhTmb3D+MFQC5AJcG2Oh+6FnIpynsF+iO9so3QJbbxr3E8Gcko1JXMwe+fi8hdIyZoq/kbjx867ckJwDoluipBhKbGgZaZneLZ/IAuaKThciFxWAPYQIZlIaDYTki17J3YuRAaU75rZ/+w5oylLqAZl5tIcz6Z8JUwR0x3j1AwA+882IxvAopSgihOiNN0JngaDtCd0Nt9o6D9YmeDbszyC8cYeemwSL/AGxBE0SlO9fSKC5W4XyaVIASVhQjUKUwPEdLF1fYagmuWgFF1GRPc4DQ1L8v4NtX1gycApajZmvtn55W6ZGjAy83N9eXNH3JxhewPDIi1plJ4CjelmZJJXTGkhN/EW+2NGl2p7L7pe9lv/56wjNIKvwC6uv3+6uG3olWN7j3OQs1Mj8L2nCcxkkbzSTXV1+WF2f3e5xzUldf/FP0lXuRelUV8lK6yuW6lTEn4vQWmvKdoLQME5uV4QYNUd4T8mZPWRpmrg9Mo1yzIyB8LLbEy/Mf9NZwXrCJADFOV7yIUGYhoNUVuBp4VgvH+WJwH44FrEDkgmxBOkpCzq2S5Llo6gEgVIuqVSHQjrV99kSzs193tXpUtXSfFaR+Tny7s9zkcqcsomz1JXklxhe2TJnoF7XArkM0gzYwK/R779fmT50nLH6k3R2a9cg17M4yx5lU1CIUEZ4efuhPbhXjDZeT2Q+loV1Xv2nRmigkTwVI3dbUJp86d4E39rDks17UnG7DOJ/Ox6qub+uxFo9quzxe9pxG3x8W9Xt33oLu2f8NcO4P/4dkynB6pgZtYo3gV4fUdomkpQyjZfPTDDl9R9P1gtHEF0YZuD5mOYKbtx4SVZUb5siGb7M6ZpUqXYksP22jXmbhtkANCt6fN9tA9/iOKJW+EAaN1TvwXNnX3bEd7NlGhJuaL28WsemDzbEOo3qAKess7Ty7V7+/HX+xsvBpRpmTuTElOEi2ofLYTMrezxy5YSJXA1extmiqwgKxZlZmTLExdrsl4JgwVNVlWP5+Qn0CiyKK+G6LZJb8O4O0gqQKEiwtBYYe1g1YBFKRNQhGqEr4ngTlb2v7zsT6kQBeGCn82loGlivuogBax8TpPBZe+XNiRsW1rp8kaRFZXpmkrYA5TT1Y57WKpO/Glxe3Mcnj1Wx8TWvil3HOJqGVW/KWjqm7hvF0fYFJ+Y2deL1ra2/bUlbVfIDqK1ZqnoouutU0sIW5BCZCzZvC+k0CIRmXpvVMz3uVqemc7P51IYwZEJmkL6TW9rj6tq+9tz3zCmofHaz0Wl+ORqeW4nBpfrcBkeuG79s3FTLxVDqxqhSSLygnIGqTW6U1zU2dWHy0/Xtx+slK1kW9J5MDtokGVNNXW92hCmiYR/QmLmppauhx/LE03A7cUv5u7IoCXczVXS2/D2iBtP1TGrnFhoI1ejnftjbqDx4+SHE3KcHtxnzeuh9QqrlVvzt2fgqZCzJKNGpCK+V95Gn/k0VGau7eEdsKmYTEr2eruqnJ+JQquQ6bxIUzuFeDtJ9KXSJXCtyHrFkhXRIHMU2kStmU5WkBIhSQEyp7z/5BA/fnVOrjUBnojUqHjcNnyGPooet7b7Fl4HA2LDALIixy33mRZnTowWNHkCTdbUaDkJsGdIz8ljJbp6l4MQtRJlltYvckKJFKU2qKQbsX2aLWgCzmsYpMzlQsMMB/xFbAOyzMQcJ6obdkD9HmltDy38Z/D89TZrpwGNDwR4urXSIXKpnJuZmL+ibNpjFtG5UyEm11fmC5Q806xElxQUwM2U+XkoVhtltifhoNdCPvUfJsEXbOnNSahiULNNk1JpkYN8497o7c8llJO5s8/0ayGoq+QkEVJCorONeULmVGvUSJxjeYPRCh5mtvGuY0h7TJC8+Lc/bS/OiUyQt3f/tocJclHybe/3MOKhxkj36XacLWo2lbWn2U3j0Vfqs7vxditQbbhFtu3lOjnYYtRLPXAhT44W8h6QN8pKdI7GNuubE3xYttcb/GhRVVe3D/sEU0nK1WxgeqYZ0W8f2oapUN/gkLdr3GTeBdFxdrkogt9LkBuM46rcXLtB4RfiTY7ZO9ZrYbc2yl+m7BOunJs3TGW7uH2wvY8hRL20F+L+oRcG398uP108PLibRhWQsMXGOxecDryoJzMI3Syuu+Ci/sCzkxF+gfcH2BPBMHX2LsjfHv/33Yf+qTON7g3sdBO3LzzZE2txyK6rfMqm3UrNwVNQ/aqyHgdAO93M9SAfAXhx0QssIKCr/za6KPVKSKYpgrvgag2SzM3zp+msr6z9dmMyULUJ3UV99fkLcKzeC2qfXq67TTUFTZHmbmVUIKzDOQl4MT9eTp2S/u30KEvuLmMzET1D9lqEeeRp+2kY88zfX8VduHtISolu3CtQTJqbnKHZgVbhFrWy4wP3tvwenYbX1DyppG362a4dS/x+ZSroeN9H3qL1SC+eKcvoPIPmWNtbtG+wPceZ+G2pysIoQs1BmzGyUUlB8aj0X57TQ/IA73AJ1iHV/IpqnA7UQ0z3Yyfj8VM/wCl60SNGfSQrcyl5L3F1XVKlRMLQpn5/r1xT81q9dLO106BevwusPTbeqe6PXK20JGescVbgEP9tpQILTbPZrq0wySuPSQVb8eHVnpCQCJmqfZ4wFqb5JBuItD0NTH9Ix6zrdD0bVp4n7YB/NNZ9UWZZY/FXVJE5AN+KUh9E1vdsjY3MztYAsuohWHRze05k6Li72uOdSDnNNn9Mz2np33i+VSvml8BBUu/EeWYiowGaw4KyrJQwk0DV9JC5gYMBL7qkGbFtV+oOwlZM+b7HEjnQmjxTsMy79/UBQX09BseFpDmshXxS79MifW97PnM9n7mcoDHz4wVJViV/qiyLdGM+adcoF0qTjD1BtjFioszMclXJLtba2bd01WqxDI5m+vhoGjeb+jxwVy/KmJaPCxxd1+g9JthfZquhFJ+O9z1g06KF3OpNknK1ACndkTLwxu7to4HxjpRQJHXyY3T9DBt2uuWKPoNVi0Mw4bUY7wRf1OaxpBXi6e5fb/k02yqlmp6TD+fLc8I0yTFPkVBv7q8OX6cPYeMCWLIy37OvnWpbvCNCEmpTfWw3BdUr93GrUVH7ISVyIMLccp0eGC9KH341FhsLhV5Nshr0TJ6zEmjRcLnha9R0YufOLauRUBKsTEJnk1YeL7nm5OHm8e5dn1fPWeYaDQK5ub75QKjWNFlhNp/gzecktvfzo22v7/udPvxDb830ygnSR+uC4UEvZ3+HRjwlF/4NU110NpImFRxIWkpv0sKp9Z8ZzRPLYTZoa5sE84blbbtVwAk2HzlC7HLzoLIFof6NG5Thd0geYk+ucFeCVKdANQRGvcHe+Y9Aljae3mxR5YN2hUodflVFXFkh4psXknAxFoLD1Gc+ePfNTj82PxYljlNA/IyIOgahzkxtWQrTUY3gwAyCAbeDd+dW4zLy3UmP1Oi25+RWOAm6lXEQmOYIwKMmgtZ54DYXtJDimaVGhRBd+UOALxmvzbIBwsA+qWMi3k4It7itl12CNVQpO4BE5IVkCupHYwDinCnF+PIAzP3muW3ErLFNlJZAczuINUhA5Blo8wRw+fmNO6GQIulmEpDmbTKW/vQMcpGJ9esOkgtNUsjYM0i7Xu4T9Z4zd+52EoPpiCmSYCDQHHAsGS0KMzu2UyGbmwI/yN9o81nzyFSQz7NRM7RmOaSi7NfSDzdgtE4V9kVEqZtx9clex6ygEpNyDnhs9Uj6RkxRbbd0gaSJ4JoyDtIOBq8oF4K2wkQJK/zgRUtq42SVQWl0nk5Heys66fcRNTFObq6+JylbgtItLcMMEbgeQ6NW9NuYiuHDzxffHgbnu+//GhnQd9//9QBI1SaIh+pT9Zzy8Sv1Tgs4L9WHZ0mpxWJ7S0awobdM6DhZVqGpYZrjkZRmQhdkBebAG4FY/76+A4IHo9gfMR3G29K8xqYFSZl6Gs391VIU/UbgqTpWM2EqBa6Y3jS0QdyN/W+V6nmiXyv19uPjPpm3pYpJb/SbArkVxlFKibmVj3eBymdBlerp+QBUd67FXaDMO8HRWI1d2onIc8oj4ru0DbbTlXfmYFUmA9n/5Jpmw5LLEg0h1TQ5XGyBFy1TFmHAw7wX1JQgyh5RQ3aJm4Bhmp8H9kfnqd8acfV8pPb33tIWkkc4YB8hcYIpHzhbLCDFbiqbyY67iOy2kkdC1fRgzKmCRsD0Qhfv0VkQEiz9sWF3v74adU0P+f4m5WdEoJzpn5x79B9iUFFlY6nZCKqYCfcWdnswZKd1Uh1JnNW8b7qHD8dcWUOoprNkRTmHbet2YIJ6D03HS2EDBYwsR8Yz18G+Wenm2mHPwzugX00LnFD/Kru7ePg7yZGLShEtlsvMGmxQqZAi64IfxOvNVIwv+xw95OC8z7bTx9PBMM40q3mL7IyPWbhJ69DarXNK0DRJoIiB2ahbx5ERBrhp3TzO/QPXAxcYr5cxpYGbQVTBekEDqeTbOqbK4jSotZBPBlLKJCTIYOXivJhqctExfk5+3JCcPlWLYHVf5/l5c/7mHVkDJqj4u9e2VPIMlEKnlcZgp1yg4YonEjQeo5SpRDjjjo8xgxfLiknmpWniiYs1b2BkiognI7vK0bDxJE+HlKwJ0sprej5a3Cmi2YasKdN+bWlPTLv9Gb3D8iPd75fBl1J3tiJBGFNPzUN3l35KWgbu349zjC9FybV5jgujMiZPZCXWJKd849Eq66fGQCJ4gaQcj1UtLP/HzLfQuxknJcD8rYQS3P3j0NWudBfrxDUeIi402YBusEpqgZZwHCakZAUB4TN9V+whTqJtL09L5BCaYBi1kL5nvHrHDrzjMt75DJ2E9gps2mwN1/dRXVT+BVqH+IZlwGdU6Rkt9Wo2RBhygKzfrdovJUsXumgr911r+ickYyn1Crh2IRLvFSQlRp/nYPQeprzZniojmXvSCVc6yKwyyW7y8+NehhObbzUcBjEphvPehz/YcIOCFZAxDqkLPGC80rdrj+SitVHe16p5nboVwGpaqtkQc8oky+kDtlm9ISToUobyMdUckwsxG8xOmTTBuA2RYOXbl5emlQ9jA6tn2nS4USdxHO1B86vpcnKsSV8Uj4s1cQqckGgifaYSebOp1pLNSyOsGxqbTeDLqLP2UnTesKTMaPcC7uzwgrKxIR5qTOyuSWVMtOKQJWdGqhnRV4A0CwRpI6EoRHh7oX/wldOTwnm8K6eQ4oXF9LVcZJk3ya2ApiCdMpLTTf0mcKNAWV3FW1Hl0YwZjChfwqw/MTtKQgNrC2N8z1ClyhzId3/5q93cNPMuhKYlJYwO0U4MZsRFPLmPSI2SuIgXnFvbEXauWtExnrbuVvjP4AuuGyZgdEPGk6xMnXL4jvyzVLqxvrb10VAUI8g+g4E7iXqygQvJluhpjxkOyImQKQreetiLlsm1UZ2hDoQKgVqZvY+NtzJ8T4bq/bmnmFm7kfYHauTC6y5/aIwbIn3V1d8L6SsufijO+jxFfl54q13tcccYaPMk06yOo2rdrl7DnIt0NJO82gmvinsrBbUNvFbWdcsJcUoP/bXpeyy7ZeA27BD3THd4VXp65xNRGC5tGIWGLGNLjDup+gsw0FWfjeJJHQboHahoSterBsg6FSGEcXGnM+MglC4QusaFkI3Oi9vohx8urq7u3xFH/FsFQHv13o0hqOQGHyYPjTEEnGMDvPH+c7kSdCuOu2XhsLmrnpRtKYglohJo7bW69EtV9ACTa8YHi2RWxxntP9oFmNoDDoDGd/mhD97wvJHkYHpq1IvKqXa5QnvhjRBTcJRtU7K99ozvzrTgkwjqQPWtohi01CKn2vGfLViW2dDakBiMwckSyBp0vLkyGsm7OuRl8Fi5MU88WTFiTKKNsX8P7Bqg76U5RYs4O6H3RsdDF9OM8sGWFhQt9kp7tJ2a1LqUcTZRQ3VXoLO/h6TfW5r2eNAfHO+79X+rsigyBqmD6K1TOJSxELSo2cDI0F/n2WzFqCOo1pSumK/N6LIGzS7cI8refGR2hCy7i0bMGFt0t8LK5jm2zLEI15+J/2/RFYwHycXWiA36eIP9iO8XdK1j8Jnnvqy5UPxlQJG+xocVGIEQMOC2kjU+7Eqvla9VtOr6fp+CVZwl28SjB9jZblnyxOvKMLUDPzB0JX6Q8iFoPqP4XzRBxgPydwzG2Y6vmBCWnKb9AX4Tc+s3pkXmHF+N6yA48DDplyxTXs094c27G9zVaLPhXl6sZuPDyhMJC04xP3eDznwmk/dpkpwp4OmYN9//XF1e1tkxVejBDi2RjMd2k7H47lcbbTNq3IzcB4UTWtVzbHpgd1j6yOnixYejN/adgt7I81CdJmrK4O4x9QSbdwc0FGjuAT+BnIMUIQw3x7itf3Hd71Nj0h6/yErjva8padb7DAkq6wge8uAYCd9ePHxDhCSPDOn2f5LUlrGrfv/408M3QS7OeMhdUTc+XjzS8SpGfMi4YYf0XSY9WdYHOKP9gllOp7HUOSk75t/XzaDof/p/MDh3VeslcdMidqEIY817plnE2iED1S9cjmO3UnbggNxxRazYR4i5j2vW5SaKjAU7CQCT0s1wfa6DdlzNWGH6QMGsLUKm/ISNOnETVnRplg4hvbIIgCdyU1gKkOFy2tXeEXJNZUq7ebAHSJmPdaN+XsbUv/qe4rCOi+beN7kvFvvxaMeUlh2vJ4kjen6myvJO2fGVjnrEETj/USnf78ejPpuAOfTV4oqPdzs88Zery7GjA51MmwMupt31vA55tfW9wNut7/Fs659LUiszZlYsxdyui5CMm+Mjw2tr02bhkxpw6HOwHPJ/RAb7UJdnSPaZ1nZI2pe8mx5sIueXs5vUVMCvsal2ga10VJHOy9d6XNrO96NX3VEcaXLoJd9VE6jhiRq1N8IL5nfGxlc1690lVWwROoICSYMxQWq2qy73pNytux01yuwCv8eez3LIczqan3Nj94RNWutUGq227Ub9/lpRUzebh7992mfTdpMhD9wPSTN702wBplQ5qmNG5ehArm2fCGm73y8H/0B7QxdRk3DMTxB2Aun4U0CsI56INpcQXSwsMYDp5B1yefKQAEZzvuOtl7tpnVDrwqiDfnTbAhU1te0WW9/r7FTOsKglxa479T29t7kRuBNGE8SSvDgRtuvLm1DyIjSFR6Ui562imx2CPMX4MnPhKj6rvOHBR2e13VwhyB3B35Gm9XB6v5Ax/Iva+0Bqb5zF08Sf2J3ZH3USctD+xTo8ODdfHIfvAj/z5TH5uuPy9dP54kD/xek7egkdsRTJ9VWVYjpddHLR8dEc4pPYKjkZpGxEzZJHzqcypxwvQnQDVNRlTvwEgVLl/KigVDk/C3Me9tsxJpQxrRWuRJRcO03C8j3scqfW1DMu6TbexPgqC64KvOnBlZWhTPnwyqD1QnDYWy86DS/bdr+xNXNFohofq3bQATitNyZy7RvXqNMCa8Ie6oKm99L9Iacsm81Fupm5Ip/9aMemtCvZf7She3xpK1FZ0lx40Z7KxGgKGeSAexPtCLY5G68LLwXlKRHcDaN7e1XXuKM9NgMZldB2uClkdDPT4gmmr03Pa8GO1hwye/Wa9qvVUOBI6RJaOjVjXrJMnzFuUSEFmDOF0ozpbkV2LQgixwAzf7njdwmwyhJju61K1pnD9gypVyTx452Wq09j+w0aC19zNbUluH1NibEHevXwi7nza127oYGuV2bnN67EugBddX5LadQ8dOhDWhYZPub40u+s0buhKCQoNVsMxMtMI5rueTkYsBnwpaszxHxtcdw/Tg1wA3WZLXOo4I1u/VSKojhGMc+Kgcs+na7vvBHZpurYbpHuJQVutpJ/SlG0R/bAri5DnTVjX05pcr59/HSzj9XMVk+Ot92vGtWY94/CXgml497dP7sWJ4CJHufWYcC3dYosbWY7ShG9SLb/RTkUVtTMNYg7a1v5BnvNWp+reXocxECI+eF+67RzhbbbjuJivbp96DkKNSkxJZc/X3z69OH2pw+B3mEOes7ECaDfgv7x+tfY8LWEEwQLPEqA/YFXXBaJilsI4b+Dpfevlw/bhH6E/MozxoFc1s55T1V354uevjVf/ObcfHRDEgmoR1RuVqeg9vtSd/rQWQYHWNa7qiaGSbDUP7xxuFv1p5v9r6jqp+SYFOmWLYVkejUclXpQ0gKGj1V9VOFuXq2znk9pnpL2kzx1//QLbMy/hDBM4OePIg1Pk8lThdit/Hy8wZxoo9WWoFZGxxqOP9/G/ATdp8ZpIBflPGOJ6WD8MmQ0m1lDYbxj9IDNNuyPqEF47/F4yFGbRTMiLiuWpgOS8Cye4pXiME+RweMSEvc9QHxuXjgt0vPGCJ17y4wjhIqit3I4iSOS7uvK4VOhVipm0TNdByzMqsfDFGFhMOR9e3Gc7dA5sFZijVnulmBdi4YhKhFSQhLCiMG7VqVY+DPzpNZbw+CwbtV3onNR6ubgvAOuubg+03tHPdjaLvlKz9VivxCPyPlWj9Wj5o0izyCRiNtawUYtRfFQtJQiprCmAlrfLdk6/jGkPCdNVozHdpNQuQTt266rFVTcEonIC+ZKgownoZuPznqk8uDBCYHYsDc1gTktmI49WDuPqQOnTMLvJZOQElEYzQ+FzkZpGMpUavhy7OfiwqmabcTaOIBaEFny4AL0TM3gJWIKzLVqOuEbux19PkhASrmjGMJP/a9RfH/993mnknoshOSv/342Z7qBcwRPqUDNqMr6Fb9p5MgCGpAwDkBqcuHMlg8FTYB8ohtzOdxTnoqc/YEXRgjSFLZv8ehAr6im5APOn5G0dxKegYfiS0QKM4yylF0nQzSoYG7ZBCynetUbSVaQPKkQmAr6n6wRsJUK4wrKxLJf17HeK4p+lRF4K6pmLDcLMdNxk9naMFGhopzYvkjIUTHQrH5wGmi2r2BoRq06DbCKcr6lyoXiTGFeLmc9RfMj4yTYURAs55w9jAZ7oAgrUtVWVeKtE/gdYY7adoe6K2nKXi2V5R4730ftPdS+3x+95FvFCO/dnJsNFTMehpuLS+9w2wPCQtIcUsxN6YXSqcIWkp3g7k9rLHaxgW1nn7Mdt4BaZyjG/GYbQsmKcV0zJ99fXF3/9uBtzjYHY6BVYoMeWorZSnDnBu5ktvTOi41NmXWGP21W7m2kS+0S7R94IrLMmniqYT+WnEN2ZpM/zz7wtBBmWiq5NvpGwAjSmXnsxttql7ZVfELvsdfQMn1IeZS+id1VpjJZ0SwDvoR6ihc1KZxaOYuFdqe35TQcfbJado14Q3mo3JNGXV9gFMuWG3MszUz3U25NTqXxYR5kDnoN4MMxparS6/EgNoJO/nyBgzi7wKqFf65WRkhUE6QUssGv6YI4IC/05h2GywPlLvKy0ajvCxmZG+l35owHkFRmYrmcHu+wK92JKYyYoZkEmm6s0cv2hvPi+AbZkgvZV8pKpq9VIPz+6m6/VCDxxCJel5fYniv8iJ6dlkfcm0fqU6s3hWNWpNU9e+rjaQ2Dttk+xkByrd8oQknOXqrzYuaZw1Joe4xctqg/FQp3yU+Xl5W8QhtLh79+vECKLaI2G0guOcgz4uqz+aZJshJq2wU8gu8JNnNBZTrL8CkdD90vrmFiGyZvM8qXJV3CN5UBt72hRi7LYXPoFKP8vGTZkWpxmn3lhubNrDuOUf+ouyPvC/ONBPi2kee9N7pCirRMenLSIoG7s+07ooG9t00K6kmLfkVxyr5Zs3QHh8xBtUmvLFTbxeT1WAFbro5UBNkjtH1MhpiITMjeGiQkzp6xyeCZkK4uY0U3tHUGXQ7Lii1XswYouwlOSYDTk8gXaSquO8lqzHsHHU2Vz/bkFKuxGulVE1i1ibJ9HokZu2ukHI5pbc2WKHcQ/BxcmbsODjDQHDs6+a/z7//yH6jo1UygHKvSyLbJKVlRFkLHVIDMKd9FVXRQFfpOudwqgLoJVsgudlfe0ILDKHLICyGpHIvZqFc62l7O4BmGCegO2swfamI17KWbihlCPwh6JY50WTUA2m6CEdYhygNezUmvoUekC6nd5ub9Y04tqigVpFEVVvUrrZMgvS12EKPItHjvQ+1nSmVtVpRvOo19zOiyI98WPkcbK7Ni6vbDw6eeF95i/lovvI8/7vPCc1pktBN6RLq1nP6zt14ViRuodmO6qbTrlh4SGE+XM34SoKabvYGegMnsNRdq57u0A/QVFyroAd1DKjn9aPanYZA4+sU/2pkYU7IwyIku0jbZyxZSd7XuUD2r6VxRCbNFRiNyULQIlew7Au2MnMBLkpXKKNE2jdd0ngYS07h36kHJvD2FPRove5VIayW2gTE+QpAOVxHb9eY9wHj9j+b7djqq3ofuAbB+bj1qg3BV24y9lq344XovW3GDfTZ2DdD7qhyjfbqwAjLGIXVPcJdP3KZNaVfjrgvHj5Pk1jfk7yXwATqhKQI4jlDrz9b5O8i5NQU6w4NZPe8/eXt9+/frxw/vyP2Hn64fHj/cE9DJ+RApfxNyb8B9JMiXthJ6FXlw+QC//+DLZFcevaBcuVKyqYKtJ2fv/ro1k2E18QfDuqcVMNiamyuqYeLc7Cp5H52PPuqG8Nv3oxR5NfhbYWbChtQu/6dzJRlR+kaRUpXWV1QUwBv0RLYei5G1SkuG2chisUAnjFFWrOcu4DTobVf6kQb+KPxwQwxH9FjE448NA6xnZjXSEwmPBMee35EmR1u9NS38kPK5SD1hs94HhzFQDWiKkLF/P/uEHU4+Uju4Ij/3M+Xuwf/nDlU18s/odKkWRejXf7qCHr02WqizLSLephg8dDa6DyqbFs2yqLyYnWmjWXZ2fTVRGvXznEeE5/jNp+pmCuSMLuPWd9pC+JsCeXZh+pg6h8MJnJ9XNaSHmr+rU1lj1PY1TMFG4sg0h87Ls70AVhYBKjnrCKSIm+UftoPQw2+/HZkPdUhwPmKTY2Kz2rX5fNZmOj+lfcD1vl88WeTyqU1q9ialaqjgnB0FkSrnw6D2iJv1bO/x0PlysxWP/AC+cb706CnvVhXCy7+itfcppWH89lL3z9Q4P1dPfLEoeUqMYmvzIquz6B+lDqLXKkeg7XKzTSvXW3sTHm5+3LMmbvw8iEZtSEjbGRG70qbJbkabAwBdL6rokhZHqullK/BEQqPiCBp+qtkspcQaQUGzahqaHVhPsl+e+NgYhPo2ZerJmovfkUIabUL6vxogKdpH3+008TV5aYKVnjD+bC/4JCxAAk8gdcy074jSQgJhmqygWTnF/hzEX3WQP+ijL2LMFhXr/I7o8iYo2lcZJxKsC2vIxq2aiSWRkAhp5tXbwgPw9ZdsigDutzpksrHQO3KfyRY53SCsQxzP+qX314PJO3sMmFh+T0xvcgN3r3WNmelmTIFeZ3lSlBISYM8jEBsK5bczsTALms5SRjNIdMQ7frgkt8rn5n/fnuWU8bF6RVcOGHFI91P68vl3YUM8uDZT/xi/izrG5lMAi1+/0mPAKCFGkO6Vj9krPg94VU0VmfV12P8QmOS0vL6qRKOl6g0jhzhEL+unRNnjbtth9TwAxB3VK1KUWdY0YTq1y5fY2Kp7YpQ1IXfVJa5zBOCZiVJFpiq/9tITZ89u1Gr2nALpiYF8UvcbVaEhAYlKiv3RD3h/svcfNxqwvT3K8ptnTbjFayyN3DSmaV6ofgT2Z5RZECOEOil7ZC9GqGFru1sjlzJsxh8SXb6ivJtFGBmS7SQYkmXkOTIkm5IWCCkXKbKEHxcT9rLZhalSfKMW4vjttyFhbuTq1eWH9/d3l/13cm5rjLzerTy7cVVO9riX44r/ZqAYSn3TfAD58QHP6N2lSiS0y3dFf1bbdBfUx2axqaiQ5MwRUTXwBwUrHmLD3mliebj58bt3PizRzrO/HBlPstKouOSjkOaD375r5fvgVzpt+2+nkJaJy6r2LRGqyBqyrO/A6VcLlrt5/Fyi5S5sRhSyknnNF4HaaDkfGddyOjsFBxmdXVnBRjDdegUSSF5mmhVZI4sZ6zE1tLbRqMrsiE7dnyETYS4dLAHSE3JxAJgPWITDcXyAIgs0H7sAspuL60/k4/2vN2HwZFLoqO7vneDuL+8eyeOvYdAGg9z2Zxzsi3ALAxF35bZxfDQPlCAcx4xQeAzcyslkHqEAn+Rl4H49TbxG6JTkannUYI0btby+CoPC+Oz4k3PNz3w8SxiqU8WLhKF5mfnyl4wvh2iXosD6r7Nf657Oru8CpQ2TSs+sFXWATGYqlVILnWXXuXf9BK4kJIKnJwBnO9oTXUZx4oqsn2NysjfMtFtrL56v1oXSWWVHhNuDB986UwjQIgfyxQuh6nEgY4xnJ35qWviUziJWlb9u1MNyi9vQRVdUEbVmOllZK2Fp1FXy+Olh1E6INVCrwzKsAB4I2uXX/9kfFquw/Nkvta/cpbR74jhg49ozVTNH12K09ecDuFtH4LuYb99LXRzO2j7npcYI3w2MRPlWIrRkaUQvUjPLu+Ni0cV7dIOMZXdfOHJLSMkzJK70crvcqkvyplpTv9l0fcbHOZ7XMO+ptRdzj3lxY+3S+MqTolyuCCWuc3xBygVtloGsbg+ev9pr+fZmr9ey56Prf3tMKr8HhOb4TPaV9rpUdwVNnkCTOWSC23qOVr0x4F3mZcVH6aoNCA4h/pUDw4H6x9NIMEaIoyQqzai8kg/Jk+kFAXyzvh5mS9NBiG6GaV2rFuli7H1uU1srKjiMzKGKFFRqP8Y3irx9/hYX4fm75BtC05xxprREA9x7z49myU7XQj6dkwcAcv/xknz77ff/PxHS/vk//vLtyBwtIV4GlQshG87EPihCuM1Z80wlw8IHc4bU1lhc+yfQ9y4v8ifQt/Di/0rurn5zYq8qALozxZi0aM+yp9nnMLYfy+wpxoB8bN8rL5QF8d7/Ye8h1a+Fr2gLP8DkPVtdKkwVGd3MrHSKJ/suvHm+8bnqaWyknt1XRssGR+s7pv8XM8WGMpEPKPbRqu4zAI0kGWW5Iky/cVpgWRBE06NRiOTp1QJQfr385SEW883EyB/HlNm8iA2qgNddPO24qjjqC+dVhL1mcljFe1xI8TIW411QpXoQHBIB5lqMge5IEeiO0crLEqo15IU2Z8U+NUPhxc673hk1eVAwp+UYbzAZ2rPk+dLJpS81TXlNY04RltGg5mLQndvEb87soddFIH7T1cjqzEU5kPXxea2N25QI98tZkRbqgNVIaKFLCbOdAmfSm/kKNMic8QbxoRdB3sfsOvdh/zVpSM8F1yqjetLr7eHnL7PAW8okHBTm2bOmvskeBsQqDcHKhDVVeLUkNMNDWrEUMt6Td448S9rcn/bTPs7Pn7Zff3v88dffbq/OyfUt/qH+lYKKG7zTrCgKoRhG6OkyhM/f9D3rVmU9cP2shfyNMi0QvSrzOYa5BETiTNdPRpDstZMOVNi6UMyZylskcm+/NeLzu7H4nqEKyJPDJy9ZsQJZt6saBDRMdd8z9mc0CxlbPfReGn6i1QSvjXrNDBnJQ6IYRV5IO7DjQWx0MgXjwEGMCNC5rVA2PcHmjaphBuB7gs0MXmz06PEwGnnhe5kyi91qRxHBKbZE4+zbm4vLb0LRVQc5Jr+ieykcbBMJoaLeYi20XSuyBiLmuKXSc/MNifHO2ZpuFKF9uh4hGVBrt35nX/VEidxvS0Vy5K3zZQe56HZMaDMSr/mDZTFs7TpqnbJcaOexRY7IzJMsKyBUgq+SoZpIelv26FydJ6LX4mxB0Ytj8JG3cL48rxW9i9srUpTzJ9iEUJ5Fosns37EX7emzRUX69Mzs1fTMT7GMKJPUg4eHT+8fPz1UN3KVmBvkaey98SKgse0SVTIN+0Iq5XPEOOYPWWZ+mdh2t7GQ9Qq4s1N8uLz6+b35z4dxNqsyj1knyTJnC+LZtv3Ly/vMbLV07JRIqK0q5p7JqbY1+f2Fg1pQz3EDKjMGMpz9nMOLPrhQTk90O7zoukiObtYgEwoaNiNaFJk/9xndgERE9VfNy4MHmK1BaTrPmFpNX7KeqPLeJTOqp8qqdaviABoQGrS+2ZhF7JlmLB32407iNO6zAZI42sW9rfjkCj/4mgj1IGp7wV41AnZyA50c8DtXrJEq8msB3Ij/xhcM1pAoL5oNVSyZdKY+GZUE26wFHDp40lL64xR87nc8YKfsuOPxELQispwFDXNnXNyHkNV9VMsKcq2rQ6ua4mcAJ2kEVdUmEmfwGn6DN2cAi/hiaZDjbONLrDrS3sWdPGg3Si38dgXCtK2in4GunwWh5VfqQc36wpUiDa036qh5WG1OWUVQXrshxuciYJBMqXIC538I8ZcL+fXxomzJ7UMFA29trZxmnZndA6h/QlgfEpHnrjBy7+fGVy5wkMQRKAnuLO1RBjsytpJr2Wd/iD4u7MgSy51gYGiS7YYcHWFkn1xPpxiVkEvK2R99Os4RRvZro7dTj45ms5KzfpPC0QZJM2I6PcVYjWJ5AnHyoF3ZLSzHxRM4qmTZnQFCjnARfOWi/ysS9l+LeP/aBPrXLcK/QqF92JACHPiTCIk/hzebe3D+6822T522z/XNtj2A+udLuLgPHOzne40fc2BfzJttr1G9/hV/qtF9Dhf+Mcf6WVz/sQf4Gb7ZvmzR/xUJ+69FvH9tAv3rFuFfodDee0hN9K+V8YR970XrBzETje4AC9VSTZbAQVqKfce8e05uhNLZBp9CSVYqPU5ykUMuOoL0gHSsiyq927bs2fyzjYsNNP938+NoClTyBAME0VMe4hXbw+BFHlKNq9+BfFuFBzrUdW8uok57+hS7d5Ac4JmGFGROpSiKE6F2fe3GTNiCSKApUluyZ+RcWSxYEpTX28uXc5zBYNyCsLQCGeNPUUdVZTNt9B5cvuPJvSeYH4RcdXWUWalDROLNjU76lOzdKniIVoxkK7vvweHwYRI2+ebn8fKuOS9toWgF5T6a7+kB43myu2WaJCvTL3sFf7v6wlZwG/DBK8iS/MtewuvLmy9sDTuIJy1iFcL6DPykOtVBmRf1nWVxR9Sqfi+hPBls1NVX9BlsEK/te9IQqsuQ5SBjVs3s38tRJ8NiJipZQVpm1QRMW79BgREjq90VH6uTfmrMdhCjzJVZRKXwJIuDkA+/IE67LBa07TPbONqtABKwlKshuqTPfJmubh8qBqAvbbVa2OmaMizfRS2L8WimDFUK8nm2mQ0Wb4n9qIgyfF8axijTKdXUqBn1YALWqKdQ4JEgYn2DaRglHS5rHBWjo60zHWIR1UlwS/7ExXo4HiMqYtdZD1Ly1hdxEDzbkLvrCzIvFwuQRGLuJxfrsXR47Yv/zLLOChxgwPtEly1SxjXNMpJkInlCwj+3CLquPDRqJaisthuVideqyWI738duu6AJ63HMHJLXaDH4hquIlTBuUwXPII+Bxze8Jx73qXhwHldAiowyTjS86C6KauOXnMPrZeruxQijo9Yvb1WlxVkYy7SPXOqvCaAiKsYXjkjwNZ12l2sNTL5WsfR/mL73Wa8e//gBzhpkD2g4vHAqhuarfwHTlDkPJOOLyfUMevw0VcPENCxzxyyQJCIvKN/4hD8LOag2ORd6qHjUQcTLVVasxYLkQpkSRJeSY6Iylpi2vY/5laL64lBgVf44X1DBO+QQbU2ku4KsWJRmtr1rjqRQZGKTo5nAzDCS7LKkzGjlviNcpIBfp1hNVkukXSZaYIM+AHLjGCX7Pz1Gml0FUcacGizVBlmKBb+Fo1x/ZqlPl6d+a6mGJ9PfQEUpC6Hw3KSQli6Fmy/tdxSybDRwe6pjR/I+r+jETXtVaSXGlaY8aZ/G8y2oniExhQXj0IGaCJ5AoUuaZRtCiYdmBWJdh9I23RGFL9//5T9eSRKarvcRhDFruXy0obpVDayGx3/Ml1R/MvjZNwLmR6pY0pZ5c1Hq7dDhfVmf+ik5yL7viv5Qir87Wg77ng4JW0M2h0EwB0VmP1imiHAsRw+hmx4Td+IoskoCuipgzdAXtT2WEeivFM4XbwivEPgWD/wrRrsdZxCvGuIWb0ivFtd22BCOn3ZyjS1/FZLSTpLF/SWLywnj+Mxk5oQRfKaC88CRfLbSc8K4PksRGjiOsPMeQQlGrqS3uVCaqAISA/Mb1ytCCMCI2ZjHEPWX2zRUaKSrDPYTr4Cewm1txAO15gNBm59Hj5HMYSGke323twFyWOKoArdzyXWnGtjxgNOFBjkZd4Ngdu+NERRpNcCg3O4hyvFulp9/gk0Qvy7ZbTg/AspfYIPNvSNsgTALKhXYsjcbIgrgSmXkLTC9Akmkou9IqqiRWpDsYjVtjiQDvuzw3bbHskew2O6x2L6MAJ0zPRSp0gSn2JJTLAKwa29EEJi3W8l62OlerMvwUgjezc6PhO+Dax13wv3Dxdm4kYqM8I1GQnZpmkZYHy4DUFUr2zG3TzaZ+UxFmiFLv2bPzq1REeJVJQGmG9DSTrh4pPn7xJT2ISjAtWRgS1ld3IaEC0h2XFS/3V/vjwp6KlxGxoVd7I+sU763htX7qz0QXd/tD0cYuW0t6Ueiln6UZcW027zxE8E1ZRxSi+Ed3v8SErHk7A/zr9LeNak9SRbiWL4JVSyZJYIrLSnbJ5Y3yCbeaDjqyW58dUZLvRI9UQyRVuPygiwyusS6IEKaOQ/YJAXVq9ngLR3BfH9DX1he5tiRu6LH6F3FcpYMkbtOcqbe1dV7C5GxZNOs36uy95lYnq2E0qZXdSZ4tmnX8u00+MmVdNmiZWEKeeuljdRmC1wKLcjH8z/93wAAAP//uQKAiA==" + return "eJzsvW1v3Di2J/5+PgUx+ANJA7Yz6Xt7/nsb2Ltw20m30bHjsd0zd/dNgSWdquJYItUkZbsa98MvePggqSSVVCpWOcmOgelJ4iryx6fDw/PwO6fkEdY/kj8AHv9EiGY6gx/J/7F/S0ElkhWaCf4j+c8/EULItUjLDMhCSLKiPM0YX5JMLBUppEjLBFIyX+PX3/0kxZ8IWTDIUvUjfveUcJpD6Mv86HUBP5KlFGXh/qWjT/PzEdshCyny0LztmC40SMKFzGnG/qDmi+5b9b7r/StQigk+Y2n4lUfyCOtnIev/3oPH/JyTkrPfSyAsBa7ZgoEkYkH0CnwXra4TWuhSwiwTSrU6r0/DQNduOuClEFLbSTfdmplp9GGmqPbFzRmpQ9NqlkKmaeOXHhrjGpYgN37XAPjfG78k5GEFRLMcSAoZXZM56GcATvSKKZIDVaWEHLgmlKeIPqNKn4VWOkEW0ALRt3AjAF5x7BeeDAq9ouY/IIFQCSQvM82KDIjZaIwrTXkCOJ9Ls+e1sOtMcyArofSJHVbKlGZ8WTK1AkWAJiuETJ6ZXhGmFWE8ZU8sLWmGIxoY7pIWKt563JT53G7RnCkFKTm/+NUdKTOWQsITE2VzbUxH8olmA0Bp8hgR6IPQZn4CXMSpzN5hfG+oBcgEuDbHQ3dCTkU5z2A3xLe2UbqEJt5n3E8Gcko1JXMwe+f84ldIyTNV/I3Gj5215YTgHBJdFyH9UmJBy0zP8Gz/SBY0U7C/ELkIAHYQIZlIaDYTki07J3YuRAaUb5vZ/+w4oylLqAZl5tIcz7p8JUwR0x3j1AwA+8/WAxvAopSgiiOiNN0Jno4GaU/obL7W0H2wMsE3Z3kA47U99NgkXuA1iANolKZ680SMlrttJBciBZSECdUoTA0Q08XG9TkG1SwHpegyIrqHaWhYkndvqM0DS3pOUb0x883WL7fL1BEjMz9XF9e3xM0ZttczLNKQRukx0JhuBiZ5xZQWch1vsT9mdKk296LrZbf1f8paQmP0FdjG9fdP5zc1vXJo73EOcnZsBL73NIGZLJJXuqkuLz7M7m4vdrimpO6++CfpKneiNOqrZIXVdYM6JeH3EpT2mqK9ABSckasFARbuCP8xIcNH6qqB0yufWZaRORBeZkP6jflvOitYS4DsoSjfQS40ENPoGLUVeFoIxrtneRKAD65F7IBkQjxCSsqimu2yZOkAKlGApBsq1Z6wPvsmG9qpud/bKl26SorXOiK/XNzucD5SkVM2eZbakuQS2yNL9gTc41Ign0CaGRP4PfL+h4HlS8stqzdFZ790DXoxj7PkVTYJhQRlhJ+7E5qHe8Fk6/VAqmtVhPfsiRmigkTwVA3dbUJp86d4E39jDkuY9iRj9plEfnE9hbn/fgCa/eps8XsacVt8/NvlTRe6C/sn/LUD+D/eD+n0QBXMzBrFuwCvbglNUwlK2ebDA3P8krrvj1YLBxCd2+ag/hhmym5ceElWlC9rotn+DGmaVCm25LC5drW52wQ5AujG9Pk+mod/jOKJW2EPaO1TvwHNnX3bEd7NlGhJuaL28WsemDxbE+o3qAKestbTy7V78/Hz3bUXA8q0zJ1JiSnCRdhHCyFzK3v8sqVECVzNzoaZIivIikWZGdnyyMUzeV4JgwVNVqHHM/IzaBRZlIchum3S2TDuDpIKUKiIMDRWWDtYGLAoZQKKUI3wNRHcycrul5f9KRWiIFzw07kUNE3MVx2kESuf06R32bulDRm3La10eaPIisr0mUrYAZTT1Q57WEIn/rS4vTkMzx6rQ2Jr3pRbDnFYRtVtCpr6Ju7axRE2xSdm9vWisa1tf01J2xayvWitWSq66Hrr1BLCFqQQGUvW7woptEhEpt4ZFfNdrpanpvOzuRRGcGSCppB+19nawypsf3vua8Y0NF77uQiKT66WZ3ZicLn2l+Ej1617Nq6rpWJoVSM0SUReUM4gtUZ3ios6u/xw8enq5oOVskG2Ja0Hs4MGWVZXU59Xa8I0kfBPSMzcVNJ1/2N5pAm4Of/V3B0ZNIS7uUo6G94cce2pOmSVEwtt5Gq0c3/IDTR8nPxwxhyne/dZ83povMIq5db87Ql4KuQsyagRqYjvlbfRFz4Nwcy1Obw9NhWTScleb1eV81NRaDVmOs/T1E4h3k4Sfal0CVwr8rxiyYpokDkKbaKemU5WkBIhSQEyp7z75BA/fnVGrjQBnojUqHjcNnyKPooOt7b7Fl4HPWLDALIixy33qRanTowWNHkETZ6p0XISYE+QnpGHILo6l4MQtRJlllYvckKJFKU2qKQbsX2aLWgCzms4SpnLhYYZDvir2AZkmYk5TlQ77ID6PdLYHlr4z+D562zWTgMaHwjwdGOlx8ilcm5mYv6KsmmHWUTnTkBMri7NFyh5olmJLikogJsp8/NQrNbKbE/CQT8L+dh9mARfsKU3J6GKQc02TUqlRQ7yjXujNz+XUE7mzj7TrYWgrpKTREgJic7W5gmZU61RI3GO5TVGK3iY2dq7jiHtMEHy4t/+tLk4RzJB3tz+2w4myEXJN73f/Yj7GiPtp9thtqjZVNaeZjeNRx/UZ3fjbVegmnCLbNPLdXSwxaCXuudCnhwt5D0gb5SV6ByNbdY3J3i/bK82+MGiqi5v7ncJppKUq1nP9Ewzot/cNw1TY32Dfd6uYZN5G0TL2eWiCH4vQa4xjiu4ubaDwi/Emxyzd6zXwm5tlL9M2SdcOTdvmGC7uLm3vQ8hRL20E+LuoRcG398uPp3f37ubRhWQsMXaOxecDryoJnMUullcd8F59YEnJyP8Au8OsCOCYersnZO/Pfzv2w/dU2ca3RnY8SZuV3iyI9Zin10XfMqm3aDm4CkIvwrW4xHQjjdzHcgHAJ6fdwIbEdDVfRudl3olJNMUwZ1z9QySzM3zp+6sD9Z+uzEZqMqE7qK+uvwFOFbvBbVPL9fdOkxBXaS5WxkVCOtwTka8mB8upk5J93Z6kCV3l7GZiI4hey3CPPK0/TQMeebvLuMu3B0kpUQ37iUoJs1NztDsQEO4RaXs+MC9Db9Hq+Fnap5U0jb9ZNeOJX6/MjXqeN9F3qLVSM+fKMvoPIP6WJtbtGuwHceZ+G2pysIoQvVBmzGyQUlB8ah0X57TQ/IA73AJ1iFV/4qqnQ7UQ0z3Qyfj4VM3wCl60QNGfSQrcyl5L3G4LqlSImFoU7+7U66peaVeutnaalCv3gXWHhvvVHdHrgYtyRlrnBV4jP82qMBC02y2bStM8spjUsFGfHjYExISIVO1yxPGwjSfZD2RtseB6Q/pkHWdPs/6ledJO+AftXVflFlWW/wVVWQOwDei1HuRdT1bYyOzs9WDLDwEi3Zuz5EMHbeXO7wTKafZ+o/pOS3dG8+3asX8EjhI6p04T0xkdITmsKAsKyXMJFA1PWSu52DAiy5pRmzbQd1B2Iop3/dQIgdak2cKlnn7vt4jqK/D4LiQNIdnIR/Vu7RI39meT13Ppy4naMj8eE6SVckfg2WRrs0n7RrlQmmSsUfI1kZMlJlZrpDsYq2dXUsXVotlcDDTx0fTuNnUZyN39aKMafk4x9G1jd5Dgv1ltupL8Wl530dsWrSQW71JUq4WIKU7Ugbe0L19MDDekTIWSZX8GF0/w4adbrmiT2DV4jGY8FqMd4LPK/NY0gjxdPevt3yabZVSTc/Ih7PlGWGa5JinSKg394fD1+pD2LgAlqzM9+xrJ2yLEyIkoTbVx3ZTUL1yH7caFbUfUiIHIswt1+qB8aL04VdDsbFQ6NUkq0HH5DkrgRY1lxu+Rk0ndu7cshoJJcHKJHQ2aeXxkitO7q8fbk+6vHrOMldrEMj11fUHQrWmyQqz+QSvPyexvV8ebHtd32/14R96z0yvnCB9sC4YPurl7O/QiKfk3L9hwkVnI2lSwYGkpfQmLZxa/5nBPLEcZr22tkkwr1netFuNOMHmIweIXa4fVLYg1L9xR2X47ZOH2JEr3JYg4RSomsCoNtiJ/whkae3pzRYhH7QtVKrwqxBxZYWIb15IwsVQCA5TX/jg3Tdb/dj8WJQ4TgHxMyKqGIQqM7VhKUwHNYI9Mwh63A7enRvGZeS7kx6p0W3PyI1wEnQj42BkmiMAj5oIWuWB21zQQoonlhoVQrTlDwG+ZLwyy44QBvZJHRPxZkK4xW297BKsoUrZASQiLyRTUD0aRyDOmVKML/fA3G2e20TMattEaQk0t4N4BgmIPANtngAuP792JxRSJO1MAlK/TYbSn55ALjLx/LqD5EKTFDL2BNKul/tEtefMnbuZxGA6YookGAg0BxxLRovCzI7tVMj6psAP8jfafNY8MhXk82zQDK1ZDqkou7X0/Q0YjVOFfRFR6npcfbLTMSuoxKScPR5bHZK+FlNU2S1dIGkiuKaMg7SDwSvKhaCtMFHCCj940ZLaOFllUBqdp9XRzopO+kNETYyT68sfSMqWoHRDyzBDBK6H0KgVfR9TMbz/5fz9fnC+/+GvkQF9/8Nf94AUNkE8VJ/Cc8rHr1Q7bcR5CR+eJaUWi80tGcGG3jCh42RZhaaCaY5HUpoJXZAVmANvBGL1++oOGD0Yxf6I6TDelOYVNi1IytTjYO6vlqLoNgJP1bHqCVMpcMX0uqYN4m7sfquE54l+rdTbjw+7ZN6WKia90W8K5EYYRykl5lY+3I5UPguqVEfPe6C6dS1uA2XeCY7GaujSTkSeUx4R34VtsJmuvDUHK5gMZPeTa5oNSy5LNISEaXK42AIvWqYswhEP805QU4IoO0QN2SZuRgzT/NyzP1pP/caIw/OR2t97S9uYPMIe+wiJE0x5z9liASl2E2wmW+4ist1KHglV3YMxpwpqAdMLXbxDZ8GYYOmPNbv71eWga7rP9zcpPyMC5Uz35Nyh/xCDioKNpWIjCDET7i3s9uCYndZKdSRxVvOu7h7eH3OwhlBNZ8mKcg6b1u2RCeodNB0vhQ0UMLIcGc9cB7tmpZtrhz3174BuNW3khPpX2e35/d9JjlxUimixXGbWYINKhRRZG3wvXm+mYnzZ5eghe+d9Np0+ng6GcaZZxVtkZ3zIwk0ah9ZunWOCpkkCRQzMRt06jIwwwE3r5nHuH7geuMB4vYwpDdwMIgTrjRpIkG/PMVUWp0E9C/loIKVMQoIMVi7Oi6k6Fx3jZ+SnNcnpY1gEq/s6z8+bszcn5BkwQcXfvbalkmegFDqtNAY75QINVzyRoPEYpUwlwhl3fIwZvFhWTDIvTROPXDzzGkamiHg0sqscDBtP8rRPyZogrbym56PFnSKarckzZdqvLe2Iabc/g3dYfqD7/WL0pdSerUgQhtRT89Ddpp+ShoH798Mc4wtRcm2e48KojMkjWYlnklO+9miV9VNjIBG8QFIOx6oWlv9j5lvo3IyTEmD+VkIJ7v5x6CpXuot14hoPERearEHXWCW1QEs4DhNSsoIR4TNdV+w+TqJNL09D5BCaYBi1kL5nvHqHDrzjMt76DJ2E9hJs2mwF1/cRLir/Aq1CfMdlwGdU6Rkt9WrWRxiyh6zfrtovJUsXumgq921r+ickYyn1Crh2IRLvFCQlRp/nYPQeprzZniojmTvSCVd6lFllkt3kl4edDCc236o/DGJSDOedD3+w4QYFKyBjHFIXeMB40Lcrj+SisVHeVap5lbo1gtW0VLM+5pRJltN7bDO8ISToUo7lY6o4Jhdi1pudMmmCcRsiwcr7l5e6lQ9jA8MzbTrcqJM4jHav+dV0OTnWpCuKx8WaOAVOSDSRPlGJvNlUa8nmpRHWNY3NJvBl1Fl7KTpvWFJmtH0Bt3Z4QdnQEPc1JrbXJBgTrThkyamRakb0FSDNAkFaSygaI7y90N/7yulI4TzclVNI8cJi+lrOs8yb5FZAU5BOGcnpunoTuFGgrA7xVlR5NEMGI8qXMOtOzI6S0MCawhjfM1SpMgfy/V/+ajc3zbwLoW5JGUeHaCcGM+IintwHpEZJXMQLzq3tCDtXjegYT1t3I/xn8AXXDhMwuiHjSVamTjk8If8sla6tr219MBTFCLIvYOBOoh5t4EKyJXraY4YDciJkioK3GvaiYXKtVWeoAqHGQA1m70PjDYbvyVC9P/cYM2s30u5AjVx43eUfG+OGSF919XdC+oqLPxZndZ4iPy+81a7yuGMMtHmSaVbFUTVuV69hzkU6mEkedsKr4t5IQW0Cr5R13XBCHNNDf2X6Hspu6bkNW8Q90x1eQU9vfSIKw6UNo9CQZWyJcSehvxEGuvDZKJ7UfoDegYqmdL2qgaxSEcYwLm51ZuyF0gVCV7gQstF5cRv9+OP55eXdCXHEvyEA2qv3bgyjSm7wfvLQGEPAOTbAa+8/lytBN+K4GxYOm7vqSdmWglgiKoHWXqtLv4SiB5hcMzxYJLM6zGj/0SzA1BzwCGh8mx967w3Pa0kOpqdavaicapcrtBPeCDEFB9k2Jdtpz/juTAs+iaAKVN8oikFLLXKqHf/ZgmWZDa0dE4PRO1kCWYMON1dGIzmpQl56j5Ub88STFSPGJNoYu/fAtgH6XupTtIizEzpvdDx0Mc0oH2xpQdFgr7RH26lJjUsZZxM1VHcFOvv7mPR7S9MeD/q94323/m9VFkXGIHUQvXUKhzIUghY1GxgZ+qs8m40YdQTVmNIV87UZXdag2YU7RNmbj8wOkGV3XosZY4v2VljZPMeGORbh+jPx/y3agnEvudgYsUEfb7Af8f2CrnUMPvPclxUXir8MKNLX+LACIxBGDLipZA0PO+i18rWKVl3d7VKwirNkk3h0DzvbDUseeVUZpnLgjwxdiR+kvA+aLyj+F02Q8YD8HYNxNuMrJoQlp2l3gN/E3Pq1aZE5x1ftOhgdeJh0S5Ypr+aO8ObtDW5rtN5wJy9WvfF+5YmMC04xP7e9znwmk3dpkpwq4OmQN9//XF5cVNkxIfRgi5ZIhmO7yVB896uNth41bkbug8IJDfUc6x7YLZY+crx48f7ojV2noDPyfKxOEzVlcPuYOoLN2wPqCzT3gB9BzkGKMQw3h7itf3Xd71Jj0h6/yErjna8padb7FAkqqwgecu8YCd+e339HhCQPDOn2f5bUlrELv3/4+f67US7OeMhdUTc+XDzS8SpGfMi4YY/pu0w6sqz3cEb7BbOcTkOpc1K2zL+vm0HR/fT/YHBuq9ZL4qZFbEMxjjXviWYRa4f0VL9wOY7tStkjB+SOK2LFPsaY+7hmbW6iyFiwkxFgUrrur8+1146rGCtMHyiYtUXIlJ+wQSduwoo2zdI+pFcWAfBErgtLAdJfTjvsHSGfqUxpOw92DynzsWrUz8uQ+lfdUxye46K5803uisV+PNoxpWXL60niiJ5fqLK8U3Z8paMecQTOfwTl+91w1GcdMIeuWlzx8W6GJ/56eTF0dKCVabPHxbS9ntc+r7auF3iz9R2ebd1zSSplxsyKpZjbdhGSYXN8ZHhNbdosfFIBHvscLPv8H5HB3lflGZJdprUZkvY176Z7m8j59ewmNRXwa2yqbWCDjirSeflaj0vb+W70qluKI00OveTbagLVPFGD9kZ4wfzO2PhCs95dEmKL0BE0kjQYE6Rm2+pyT8rdut1So8wu8Dvs+TSHPKeD+TnXdk/YpLVWpdGwbdfq99eKmrpe3//t0y6btp0Mued+SOrZm2YLMKXKQR0zKkcHcm37REjb/W45+HvaG9qI6oRjfoKwE0iHnwLiOeKJaHIJ0cXCEgOYTk6Qy5OPCWA05zveermb1gm1Nowq6Ec3LVBRU9tusPWdzk5whkUtKXbVqu/pvc21wJ1xNEEsyYsjYbu6uB5LXoSm8KhU5LxRdLNFkKcYX2YuXMVnldc8+OistptrDHJH8Hegad2f3m/MGP5F7b0ntTfO4nHiT+zO7I46GXPQ/sU63Ds3Xx2H7wI/8/Ux+brj8u3T+eJA/8XpO3gJHbAUydVlSDGdLjq5aPlo9vFJbJScHKVsRM2SR86nMqccL0J0AwTqMid+RoFS5fygoFQ5Px3nPOy2Y0woY1opXIkouXaahOV72OZOrahnXNJtvInxVRZcFXjTgysrQ5ny4ZWj1gvBYW+d6DS8bNr9htbMFYmqfSzsoD1wWm9M5No3rlGnBVaEPdQFTe+k+0NOWTabi3Q9c0U+u9EOTWlbsv9kQ/f40laisqS58KI9lYnRFDLIAfcm2hFsczZeF14KylMiuBtG+/YK17ijPTYDGZTQdrgpZHQ90+IRpq9Nx2vBjtYcMnv1mvbDaihwpHQJLZ2aMS9Zpk8Zt6iQAsyZQmnGdLsiuxYEkWOAmb/c8bsEWLDE2G5DyTpz2J4g9YokfrzVcvg0tl+jsfA1V1NbgtvXlBh6oIeHX8ydX+naNQ30eWV2fu1KrArQhfNbSqPmoUMf0rLI8DHHl35nDd4NRSFBqdmiJ15mGtF0x8vBgM2AL12dIeZri+P+cWqAG6jLbJlDgDe49VMpiuIQxTwDA5d9Ol3deiOyTdWx3SLdSwrcbCX/lKJoj+yAHS5DndVjX45pcr55+HS9i9XMVk+Ot90va9WYd4/CXgml497dv7gWJ4CJHufWYsC3dYosbWYzShG9SLb/RdkXVlTPNYg7axv5BjvNWpereXocRE+I+f5+67R1hTbbjuJivby57zgKFSkxJRe/nH/69OHm5w8jvcMc9JyJI0C/Af3T1efY8LWEIwQLPEiA3YEHLotExS2E8N+jpffni/tNQj9CPvOMcSAXlXPeU9Xd+qKnb80XvzszH12TRALqEcHN6hTUbl/qVh86y2APy3pb1cQwCZb6hzcOd6P+dL3/FVXdlByTIt2ypZBMr/qjUvdKWsDwsdBHCHfzap31fErzlLSf5Kn7p19hbf5lDMMEfv4g0vA4mTwhxG7l5+MN5kQbrbYEtTI6Vn/8+SbmR2g/NY4DuSjnGUtMB8OXIaPZzBoK4x2je2y2Zn9EDcJ7j4dDjposmhFxWbE0HZCEJ/EYrxSHeYr0Hpcxcd89xOfmhdMgPa+N0Lm3zDjGUFF0Vg4ncUTSXVU5fCrUoGIWHdO1x8KsOjxMERYGQ943F8fZDp0DayWeMcvdEqxrUTNEJUJKSMYwYvC2VSkW/sw8qfXGMDg8N+o70bkodX1w3gFXX1yf6b2lHmxll3yl52qxW4hH5Hyrh/CoeaPIE0gk4rZWsEFLUTwUDaWIKaypgNZ3S7aOfxxTnpMmK8Zju0moXIL2bVfVCgK3RCLygrmSIMNJ6Oajsw6p3HtwxkCs2ZvqwJwWTIcerK3H1J5TJuH3kklIiSiM5odCZ6009GUq1Xw59nNx4YRma7E2DqAWRJZ8dAF6pmbwEjEF5krVnfC13Y4+HyQgpdxRDOGn/tcgvr/++7xVST0WQvLXfz+dM13DOYCnVKBmVGXdit80cmQBNUgYByA1OXdmy/uCJkA+0bW5HO4oT0XO/sALYwzSFDZv8ehAL6mm5APOn5G0txKegI/Fl4gUZhhlKdtOhmhQwdyyCVhO9dAbSVaQPKoxMBV0P1kjYCsVxhWUiWW/rmK9VxT9KgPwVlTNWG4WYqbjJrM1YaJCRTmxfZExR8VAs/rBcaDZvkZDM2rVcYAFyvmGKjcWZwrzcjnrKJofGSfBjkbBcs7Z/Wiwe4qwIlVtqBJvncAnhDlq2y3qrqQpe7VUljvsfBe1d1/7fnf0km8VI7y3c27WVMx4GK7PL7zDbQcIC0lzSDE3pRNKqwrbmOwEd39aY7GLDWw6+5ztuAHUOkMx5jdbE0pWjOuKOfnu/PLqt3tvc7Y5GD2tEhv00FDMVoI7N3Ars6VzXmxsyqw1/GmzcmcjXSqXaPfAE5Fl1sQThv1Qcg7ZqU3+PP3A00KYaQlybfCNgBGkM/PYjbfVLmyr+ITeYa+hZXqf8ihdE7utTGWyolkGfAnVFC8qUji1chYL7U5vw2k4+GS17BrxhnIf3JNGXV9gFMuGG3MozUx3U25NTqXxYR5kDvoZwIdjShXS6/Eg1oJO/nyOgzg9x6qFfw4rIySqCVIKWePXdEEckBd6fYLh8kC5i7ysNer7QkbmWvqdOeMjSCozsVxOj3fYlu7EFEbM0EwCTdfW6GV7w3lxfINsyYXsKmUl09cqEH53ebtbKpB4ZBGvywtszxV+RM9OwyPuzSPVqdXrwjEr0nDPHvt4WsOgbbaLMZBc6TeKUJKzl3BezDxzWAptj5HLFvWnQuEu+fniIsgrtLG0+OuHC6TYImqznuSSvTwjrj6bb5okK6E2XcAD+B5hPRdUprMMn9Lx0P3qGia2YfI2o3xZ0iV8Fwy4zQ01cFn2m0OnGOXnJcsOVIvT7Cs3NG9m3XKMukfdHnlXmG8kwDe1PO+d0RVSpGXSkZMWCdytbd8RDey8bVJQj1p0K4pT9s0zS7dwyOxVm/TSQrVdTF6PFbDl6kBFkD1C28dkiInIhOysQULi7BmbDJ4J6eoyBrqhjTPoclhWbLma1UDZTXBMApyORL5IU3HVSlZj3jvoaKp8tienWI3VSK+KwKpJlO3zSMzYXSNlf0xrY7ZEuYXgZ+/K3FVwgIHm2NHJf5398Jf/QEWvYgLlWJVGNk1OyYqyMXRMBcic8m1URXtVoW+Vyw0B1HWwQraxu/KGFhxGkUNeCEnlUMxGtdLR9nIGT9BPQLfXZv5QEathL+1UzDH0g6BX4kCXVQ2g7WY0wipEucerOek19IB0IZXb3Lx/zKlFFSVAGlRhVbfSOgnS22ILMYpMi3c+1H6mVNZkRfmu1djHjC5b8m3hc7SxMiumbt/ff+p44S3mr/XC+/jTLi88p0VGO6EHpFvL6T8761WRuIFq16aboF039JCR8XQ540cBarrZGegRmMxec6G2vktbQF9xoUY9oDtIJacfze40DBJHv/hHMxNjShYGOdJF2iR72UDqrtYtqmeYzhWVMFtkNCIHRYNQyb4j0M7ICbwkWamMEm3TeE3n6UhiGvdO3SuZt6OwR+1lrxJprcQ2MMZHCNL+KmLb3rx7GK//UX/fTkfV+dDdA9YvjUftKFxhm7Elp7qUrxVYeO/730WriEsz4CisNimEwswQjH4ZOq5sGZXbaJPEsELjKpdjba+hJ5IBvo9jrJNpR0ioPvVUMSJsIj1FkPhcHzOB5Twu0g+e2YkUdG20cFveRUjL+TSSbN2sa5cFYPRp3cZ2o9hSnZBSlba4kxQ5UWWeU7m2VocRWZiHA2daVycWFe3DVU3Ta7mc7q92cjnVSKxjlxK+C1VdrQWEFZAxDqmz5Dlagib7UrOo/7vgoRnm2q4U7d9L4D2sZFP0uDi6UXfS399Bzq1Hwdkvzep5N+zbq5u/Xz18OCF3H36+un/4cEdAJ2d9tT3qkDvzdiJBvhBc45o68XZxD7//6Kvth8CAUSm3pWTxxNtvd1eNmXSzOKSr9WWHTKuDsjE3l1TDxLlx8KPt4q1lLaJuCL99P0qRh8HfCDMTNjJ/+T+dR9rc3G9UkPe0KIDXWM5sWSejsiktGZIaiMUCfbnmzWMDAEacBr0ZkXOggT8IP9wx9md6qPoFDzU/jid4NtITedMEx55PSJ3qsdqaFv6YKtzIYGPJM3qH0VNUbIqQsX8//YQdTj5SWyhnv/Qz5e7B/+cOVRj5F3S6VINp+Ns/XaNsZzbosLUtIt6mGIN4OrgPgmmcZlnUJ2hr2miWnV5dTpRG3eUSIsJzZRKm6mYK5Iwu45aJ20D4mwJ5em76mDqH/XngX1ZRtfuKBrBVoGfQhB4eIocqtubQeXm2E8BgWKSSs5ZAirhZ/mE7GHv47bcj0yr3Cc4HbHJIbIZdm89nzYIJx7QPuN53C0uNXIW5XuGhzsw8VnDODoJIlfN+UDuE3/uiEfHQ+arVoRxFD77hsgvRmTOsKoSXf6iO4TPTx5XJkLp7poZp/jrSFETJU2IUW5teHc6if5Q6iF6rHIC2zVs/rep35ZS8v/5px9La8dOpaiVmIW0mVm1jXyDbibH2AHS1CEFqDapl08tG/JqEWuEiNPyE2SylxFJjo2bVNDTbsyxttzzxIXYI9W3K1KP1Op2QQhptQvq/GiAp2kdPtpr46vRWo5WeMTNeSWMJC5DAE0gdwfUJUVpIIEyTFdQLMNmfvWjw9nIrf/S10NkiFK/YkqRSB0W7CmxFgnVuDdm4VTOxJBISIc28elv4CHzdld8igPutiryuLfQWCgWy4V3phbVP/Ip+6fx1bw7gDgMmliYYsyTdwN1rXSPBhRnTyOAVeVSUEhJgTwMQawrl+5lYmAVNZymjGSQ64h3fX9lf5XPzv/enOWV8qOzZpQNGHNLdlL58/v24Ie5d4q17jN9HHWP9KYA19F/pMWCUECNId0rr7hSf+7jQJ4rM6jrsfghMclpeXQbRaBm/x3HM7KOXdTMr7XC3bbF67gHiluoVKcosq5swndrlK/VslE8yypqQ28qbV6lG8MREqSJXPLjy0hNnz27UMHtOgfT8Yp4b4o0KaMiIfEfF/ugGvHvNiJ/WGrC9emGrIXWV9fFRDCp/XUXOc1Ca5oXqRmB/BglKMdCwlflLdiKW67e2uzVyzANm/GOSVFaUt5ORI0OynYyGZIm9DgzJZraOhJSLFIsNHBYT9rLehikovlHr+fz2W58wN3L18uLDu7vbi+47Obelil7vVp5du2JJO9zLccV/Pd4Upb5pfgSH+h7P6O0VjyQ0qwBGf1bbrDnUx2axGe2QK9Hx2dXwj4p53seGvdXEcn/90/cnPrrZzrO/HBlPstKouOSjkOaD708aaYP4lVbb/tsppGXiyBl8S4Qq8gxZ1nXg9KsFy10/fCnRcuc2lBDJDb3mi0BttJyPjGs4nZ2Cg8TwrjppLZjueQUSSF5mmhVZjQwBy7rVtLbB4OzsgE7dXyAT41w6WEmoI+Rin5BYrOXjqIJAkQWaj10A2fX51Sfy8e7z9Th4Mil0VPf3VnB3F7cP5OHzOGi9QW67E5d2RbiNAxF35TZxfDQPlFE4Dhmh8DByKyeT6chG+CQvRu7X48RrjJ2SXMXNF9gEc62WV5fjoDA+O/zkXPFTH88yDtWx4kXGoXmZ+Sq6jC/72NuiwPqv089VT6dXtyOlDZNKz6wVtYeTaiojWwOdJem6c/2MXElIBE+PAM52tCO6jOLEFVk3Ve1kb5hpt9JePO21C6Wzyo4Ybw/ufetM4VGMHMgXL4Sqw4GMMZ6t+Klp4VM6m1wkrONdUSur5xa3pouuqCLqmWGSllno0qir5OHT/aCdEEsph8PSrwDuCdrRdPzZHxarsPzZL7UvAKi0e+I4YMPaM1Uzx/pktPWnPSigB+C7mG/fS1Vj0to+56XGCN81DET5BhFasjSiF6lOFtFysejiHbpBhkgizh1HLqTkCRJXwb1ZtdlxRVCtqd9sujrjQ1e/mj3DvKNkZ8w95sWNtUvjK0+KcrkilLjO8QUpF7ReTTbcHjx/tdfyzfVOr2VPa9n99phUxRMIzfGZ7At2thkzC5o8giZzyAS3ZWGtemPAuwTuQGvripYIDmP8K3uGA3WPp8ZTgBAHuZjqUXkl75Mn0+uK+GZ9Wd2GpoMQ3QxvJgjb+9xmyAdGSYzMoYoUVGo/xjeKvH16j4vw9H3yHaFpzjhTWqIB7p2nWbScyc9CPp6RewBy9/GCvH//w/9PhLR//o+/vB+YoyXEy6ByIWT9hA57RQg3qa+eqGRYP2XOkCEfa/T/DPrO5UX+DPoGXvxfye3lb07shTrCW5kK6sOal9nj7EsY209l9hhjQD6275UXyoJ45/+w85Cq18I3tIXvYfKeDZcKU0VG1zMrneLJvnNvnq99LjyNjdSz+8po2eDYwYf0/2KmWF8m8h41gxpFwnqgkSSjLFeE6TdOCywLgmg6NAqRPL5aAMrni1/vYxFoTYz8cYS79YvYoBrxuounHYfCxb7+ZuD9NpPDAn16IcXLUIx3QZXqQLBPBJhrMQa6A0WgO2I8L0uo1pAX2pwV+9QcCy923vXWqMm9gjltqYIaIao9S77sArnwFespr6ohUEeiIslc9Lpz6/jNmd33uhiJ33Q1sDpzUfZkfXxZa+M2JcL9elakgXrEaiS00KWE2VaBM+nNfAkaZM54jT/ViyDvY3ad+7D/ijSk44JrVGM+6vV2/8vXWScyZRL2CvPsWFPfZAeRakhDsDLhmSq8WhKa4SENZKeMd+SdI12bNven/bSP8/On7fNvDz99/u3m8oxc3eAfql8pCCUGWs2KohCKYYSeLseUBUH6oXZx5z3Xz1rI3yjTAtGrMp9jmMuISJzp+skAkp120p4KWxuKOVN5g4vy7XsjPr8fiu/pK6Q+OXzyghUrkFW7qkZAw1T7PWN/BrOQsdV976X+J1rFE10r+86wsMGYKEaRF9IO7HAQa51MwdhzECMCdG4rlE2PsH6jKpgj8D3CegYvNnr0cBiNvPC9TJnFdtG0iOAUW6Jx9u31+cV3Y9GFgxyTptW9FPa2iYxhtN8gP7VdK/IMRMxxS6Vn5hsS452zZ7pWhHbpeoRkQK3d+sS+6okSud+WiuRIf+mrl3LR7pjQeiRe/Qer69gSmNQ6ZbnQzmOLVLOZ52pXQKgEX2xH1ZF0tuzRuXJxRD+L0wVFL47BR97C2fKsUvTOby5JUc4fYT2G8iwS2273jj1vTp+tTdSlZ2avpmd+imVEmaQe3N9/evfw6T7cyCExd5SnsfPGi4DGtktUyTTsCqmUTxHjmD9kmfllYtvdxEKeV8CdneLDxeUv78x/PgyzWZV5zHJrloBfEE/a719e3mdm8LpOiYTKqmLumZxqkIxm4cJBLajjuAGVGQM5vogChxe9d72tjuh2eNFVrS1dL2UoFNRsRrQoMn/uM7oGiYiqr5qXBx9htgal6TxjajV9yTqiyjuXzKieKgvrFuIAahBq7ODZkEXsiWYs7ffjTqJG77IBkjjaxZ0tHOfqx/jSKtUgKnvBTqVGtnIDHR3wiav5ShX5XAA34r/2BYN1TJQXzfoKH006U5+MSoJtVgIOHTxpKf1xGn3utzxgp+y4w/EQNCKynAUNc2dc3IeQ4T6qZAW50uHQqrr46cFJakFVlYnEGbz63+D1GcBa4Fhh6DDb+AKLFzV3cSsP2o1SC79dgTCNRDFFBrp6Foyt4lQNatYVrhRpaJ1RR/XDanPKQp2Dyg0xPBcjBsmUKieUDhlD/OVCfmtM5fahgoG3tuRWvVzV9gFUP2NYHxKR566+eufnhldu5CCJI1AS3Fnaowx2YGwl17LL/hB9XNiRJZY7wsDQJNsOOTrAyD65no4xKiGXlLM/unScA4zsc623Y4+OZrOSs26TwsEGSTNiOj3GWI1ieQRxcq9d9T6s6seTdmmKmAPcngFCDnARfOOi/xsS9t+KeP/WBPq3LcK/QaG935BGOPAnERJ/CW829+D815ttl3KPX+qbbXMA1c/XcHHvOdgv9xo/5MC+mjfbTqN6/Sv+WKP7Ei78Q471i7j+Yw/wC3yzfd2i/xsS9t+KeP/WBPq3LcK/QaG985Dq6F8r4wn73onWD2ImGt0C1rummiyBg7QU+45594xcC6WzNT6FkqxUepjkIodctATpHulY5yG927bs2fyztYsNNP93/dNgClTyCD0E0VMe4oHtofciH1ONq9uBXFWYdair3lxEnfb0KXbvIDnAEx1T1z2VoiiOhNr1tR0zYQsigaZIbcmekHNlsWDJqLzeTr6cwwwG4xaEpRXIGH+MOqqQzbTWO3D5Dif3HmF+EHLo6iCzUoWIxJsbnXQp2dtV8DFaMZKtbL8H+8OHybjJNz8PF7f1eWkKRSsod9F8jw8Yz5PdLdMkWZl+3Sv42+VXtoKbgPdeQZbkX/cSXl1cf2Vr2EI8aRFDCOsT8KPqVHtlXlR3lsUdUav6vYTyaLBRV1/RJ7BBvLbvSUMIlyHLQcasmtm9l6NOhsVMVLKCtMzCBExbv16BESOr3RUfq5J+Ksx2EIPMlVlEpfAoi4OQ978gjrssFrTtM1s72q0RJGApV310SV/4Ml3e3AcGoK9ttRrY6TNlWL6LWhbjwUwZqhTk82w96y3eEvtREWX4vjSMUaZTqqlRM6rBjFijjkKBB4KI9Q2mYZS0v6xxVIyOts50iEVUJ8Et+SMXz/3xGFERu846kJK3voiD4Nma3F6dk3m5WIAkEnM/uXgeSofXvvjPLGutwB4GvE902SBlfKZZRpJMJI9I+OcWQVeVhwatBMFqu1aZeK2aLLbzXey2C5qwDsfMPnmNFoNvOESsjOM2VfAE8hB4fMM74nGfigfnYQWkyCjjRMOLbqMIG7/kHF4vU3cnRhgdtX55oyotzsJQpn3kUn91AIGoGF84IsHXdNpermdg8rWKpf/D9L3LenX4x/dw1iB7QM3hhVPRN1/dC5imzHkgGV9MrmfQ4acJDRPTsMwds0CSiLygfO0T/izkUbXJudB9xaP2Il4OWbEWC5ILZUoQXUqOicpYYtr2PuRXiuqLQ4EV/HG+oIJ3yCHaikh3BVmxKM1se9ccSaHIxDpHM4GZYSTZZUmZ0eC+I1ykgF+nWE1WS6RdJlpggz4Acu0YJbs/PUSaHYIoY04NlmqDLMWC38JRrj+x1KfLU7+1VM2T6W+gopSFUHhuUkhLl8LNl/Y7Clk2arg91bEjeZ8HOnHTXiitxLjSlCfN03i2AdUzJKawYBxaUBPBEyh0SbNsTSjx0KxArOpQ2qZbovDlh7/8xytJQtP1LoIwZi2XjzZUN9TAqnn8h3xJ1SdHP/sGwPxEFUuaMm8uSr0ZOrwr61M3JQfZ9V3RHUrxd0fLYd/TY8LWkM2hF8xekdn3liliPJaDh9BNj4k7chRZkICuClg99EVtjmUA+iuF88UbwisEvsUD/4rRbocZxKuGuMUb0qvFte03hMOnnVxhy9+EpLSTZHF/zeJywji+MJk5YQRfqODccyRfrPScMK4vUoSOHMe48x5BCUaupLe5UJqoAhID8zvXK0IYgRGzMQ8h6i82aajQSBcM9hOvgI7CbU3EPbXmR4I2Pw8eI5nDQkj3+m5uA+SwxFGN3M4l161qYIcDThca5GTcNYLZnTfGqEirHgblZg9Rjne9/PwjrEfx65LthvMDoPwV1tjcCWELhFlQqcCWvVkTUQBXKiNvgekVSCIVPSGpokZqQbKN1bQ+kgz4ssV32xzLDsFi28di+zICdM50X6RKHZxiS06xCMC2vRFBYN5sJOthpzuxLsNLIXg7Oz8Svg+uddwJd/fnp8NGKjLANxoJ2YVpGmF9uBiBKqxsy9w+2WTmMxVphiz9mj05t0YgxAslAaYb0NJWuHik+fvElPYhKMC1ZGBLWZ3fjAkXkOywqH67u9odFXRUuIyMC7vYHVmrfG8Fq/NXOyC6ut0djjBy21rSD0Qt/SDLwLRbv/ETwTVlHFKL4QTvfwmJWHL2h/lXae+a1J4kC3Eo34QqlswSwZWWlO0SyzvKJl5rOOrJrn11Rku9Eh1RDJFW4+KcLDK6xLogQpo5H7FJCqpXs95bOoL5/pq+sLzMsSN3RQ/Ru4rlLOkjd53kTL2tqvcWImPJul6/V2XvMrE8XQmlTa/qVPBs3azl22rwkyvpskHLwhTy1ksbqc0WuBRakI9nf/q/AQAA//8i4KAm" } diff --git a/x-pack/filebeat/module/zeek/signature/_meta/fields.yml b/x-pack/filebeat/module/zeek/signature/_meta/fields.yml new file mode 100644 index 00000000000..7637ddd532b --- /dev/null +++ b/x-pack/filebeat/module/zeek/signature/_meta/fields.yml @@ -0,0 +1,35 @@ +- name: signature + type: group + default_field: false + description: > + Fields exported by the Zeek Signature log. + fields: + - name: note + type: keyword + description: > + Notice associated with signature event. + + - name: sig_id + type: keyword + description: > + The name of the signature that matched. + + - name: event_msg + type: keyword + description: > + A more descriptive message of the signature-matching event. + + - name: sub_msg + type: keyword + description: > + Extracted payload data or extra message. + + - name: sig_count + type: integer + description: > + Number of sigs, usually from summary count. + + - name: host_count + type: integer + description: > + Number of hosts, from a summary count. diff --git a/x-pack/filebeat/module/zeek/signature/config/signature.yml b/x-pack/filebeat/module/zeek/signature/config/signature.yml new file mode 100644 index 00000000000..e6bef4d1a9d --- /dev/null +++ b/x-pack/filebeat/module/zeek/signature/config/signature.yml @@ -0,0 +1,50 @@ +type: log +paths: +{{ range $i, $path := .paths }} + - {{$path}} +{{ end }} +exclude_files: [".gz$"] +tags: {{.tags | tojson}} +publisher_pipeline.disable_host: {{ inList .tags "forwarded" }} + +processors: + - rename: + fields: + - {from: message, to: event.original} + - decode_json_fields: + fields: [event.original] + target: zeek.signature + - convert: + ignore_missing: true + fields: + - {from: zeek.signature.src_addr, to: source.address} + - {from: zeek.signature.src_addr, to: source.ip, type: ip} + - {from: zeek.signature.src_port, to: source.port, type: long} + - {from: zeek.signature.dst_addr, to: destination.address} + - {from: zeek.signature.dst_addr, to: destination.ip, type: ip} + - {from: zeek.signature.dst_port, to: destination.port, type: long} + - rename: + ignore_missing: true + fields: + - from: zeek.signature.uid + to: zeek.session_id + - from: zeek.signature.sig_id + to: rule.id + - from: zeek.signature.event_msg + to: rule.description + - drop_fields: + ignore_missing: true + fields: + - zeek.signature.src_addr + - zeek.signature.src_port + - zeek.signature.dst_addr + - zeek.signature.dst_port + - add_fields: + target: event + fields: + kind: alert + - community_id: + - add_fields: + target: '' + fields: + ecs.version: 1.7.0 diff --git a/x-pack/filebeat/module/zeek/signature/ingest/pipeline.yml b/x-pack/filebeat/module/zeek/signature/ingest/pipeline.yml new file mode 100644 index 00000000000..539ea5d7912 --- /dev/null +++ b/x-pack/filebeat/module/zeek/signature/ingest/pipeline.yml @@ -0,0 +1,89 @@ +--- +description: Pipeline for normalizing Zeek signature.log. +processors: + - set: + field: event.ingested + value: '{{_ingest.timestamp}}' + - set: + field: event.created + value: '{{@timestamp}}' + - date: + field: zeek.signature.ts + formats: + - UNIX + - remove: + field: zeek.signature.ts + # IP Geolocation Lookup + - geoip: + if: ctx.source?.geo == null + field: source.ip + target_field: source.geo + ignore_missing: true + properties: + - city_name + - continent_name + - country_iso_code + - country_name + - location + - region_iso_code + - region_name + - geoip: + if: ctx.destination?.geo == null + field: destination.ip + target_field: destination.geo + ignore_missing: true + properties: + - city_name + - continent_name + - country_iso_code + - country_name + - location + - region_iso_code + - region_name + + # IP Autonomous System (AS) Lookup + - geoip: + database_file: GeoLite2-ASN.mmdb + field: source.ip + target_field: source.as + properties: + - asn + - organization_name + ignore_missing: true + - geoip: + database_file: GeoLite2-ASN.mmdb + field: destination.ip + target_field: destination.as + properties: + - asn + - organization_name + ignore_missing: true + - rename: + field: source.as.asn + target_field: source.as.number + ignore_missing: true + - rename: + field: source.as.organization_name + target_field: source.as.organization.name + ignore_missing: true + - rename: + field: destination.as.asn + target_field: destination.as.number + ignore_missing: true + - rename: + field: destination.as.organization_name + target_field: destination.as.organization.name + ignore_missing: true + - append: + field: "related.ip" + value: "{{source.ip}}" + if: "ctx?.source?.ip != null" + - append: + field: "related.ip" + value: "{{destination.ip}}" + if: "ctx?.destination?.ip != null" + +on_failure: + - set: + field: error.message + value: "{{ _ingest.on_failure_message }}" diff --git a/x-pack/filebeat/module/zeek/signature/manifest.yml b/x-pack/filebeat/module/zeek/signature/manifest.yml new file mode 100644 index 00000000000..e0d005622d0 --- /dev/null +++ b/x-pack/filebeat/module/zeek/signature/manifest.yml @@ -0,0 +1,19 @@ +module_version: 1.0 + +var: + - name: paths + default: + - /var/log/bro/current/signatures.log + os.linux: + - /var/log/bro/current/signatures.log + os.darwin: + - /usr/local/var/logs/current/signatures.log + - name: tags + default: [zeek.signature] + +ingest_pipeline: ingest/pipeline.yml +input: config/signature.yml + +requires.processors: +- name: geoip + plugin: ingest-geoip diff --git a/x-pack/filebeat/module/zeek/signature/test/signature-json.log b/x-pack/filebeat/module/zeek/signature/test/signature-json.log new file mode 100644 index 00000000000..4725117d90e --- /dev/null +++ b/x-pack/filebeat/module/zeek/signature/test/signature-json.log @@ -0,0 +1 @@ +{"ts": 1611852809.869245,"uid": "CbjAXE4CBxJ8W7VoJg","src_addr": "124.51.137.154","src_port": 51617,"dst_addr": "160.218.27.63","dst_port": 445,"note": "Signatures::Sensitive_Signature","sig_id": "my-second-sig","event_msg": "124.51.137.154: TCP traffic","sub_msg": ""} diff --git a/x-pack/filebeat/module/zeek/signature/test/signature-json.log-expected.json b/x-pack/filebeat/module/zeek/signature/test/signature-json.log-expected.json new file mode 100644 index 00000000000..d06eb256245 --- /dev/null +++ b/x-pack/filebeat/module/zeek/signature/test/signature-json.log-expected.json @@ -0,0 +1,48 @@ +[ + { + "@timestamp": "2021-01-28T16:53:29.869Z", + "destination.address": "160.218.27.63", + "destination.as.number": 5610, + "destination.as.organization.name": "O2 Czech Republic, a.s.", + "destination.geo.continent_name": "Europe", + "destination.geo.country_iso_code": "CZ", + "destination.geo.country_name": "Czechia", + "destination.geo.location.lat": 50.0848, + "destination.geo.location.lon": 14.4112, + "destination.ip": "160.218.27.63", + "destination.port": 445, + "event.dataset": "zeek.signature", + "event.kind": "alert", + "event.module": "zeek", + "event.original": "{\"ts\": 1611852809.869245,\"uid\": \"CbjAXE4CBxJ8W7VoJg\",\"src_addr\": \"124.51.137.154\",\"src_port\": 51617,\"dst_addr\": \"160.218.27.63\",\"dst_port\": 445,\"note\": \"Signatures::Sensitive_Signature\",\"sig_id\": \"my-second-sig\",\"event_msg\": \"124.51.137.154: TCP traffic\",\"sub_msg\": \"\"}", + "fileset.name": "signature", + "input.type": "log", + "log.offset": 0, + "related.ip": [ + "124.51.137.154", + "160.218.27.63" + ], + "rule.description": "124.51.137.154: TCP traffic", + "rule.id": "my-second-sig", + "service.type": "zeek", + "source.address": "124.51.137.154", + "source.as.number": 17858, + "source.as.organization.name": "LG POWERCOMM", + "source.geo.city_name": "Busan", + "source.geo.continent_name": "Asia", + "source.geo.country_iso_code": "KR", + "source.geo.country_name": "South Korea", + "source.geo.location.lat": 35.1003, + "source.geo.location.lon": 129.0442, + "source.geo.region_iso_code": "KR-26", + "source.geo.region_name": "Busan", + "source.ip": "124.51.137.154", + "source.port": 51617, + "tags": [ + "zeek.signature" + ], + "zeek.session_id": "CbjAXE4CBxJ8W7VoJg", + "zeek.signature.note": "Signatures::Sensitive_Signature", + "zeek.signature.sub_msg": "" + } +] \ No newline at end of file diff --git a/x-pack/filebeat/modules.d/zeek.yml.disabled b/x-pack/filebeat/modules.d/zeek.yml.disabled index ade58f3130a..0667c6e35d1 100644 --- a/x-pack/filebeat/modules.d/zeek.yml.disabled +++ b/x-pack/filebeat/modules.d/zeek.yml.disabled @@ -23,7 +23,7 @@ http: enabled: true intel: - enabled: true + enabled: true irc: enabled: true kerberos: @@ -46,6 +46,8 @@ enabled: true rfb: enabled: true + signature: + enabled: true sip: enabled: true smb_cmd: